Cryptology ePrint Archive: Report 2007/056

Abstract: During the last years, large-scale simulations of realistic physical
environments which support the interaction of multiple participants
over the Internet have become increasingly available and
economically viable, most notably in the computer gaming
industry. Such systems, commonly called networked virtual
environments (NVEs), are usually based on a client-server
architecture where for performance reasons and bandwidth
restrictions, the simulation is partially delegated to the clients.
This inevitable architectural choice renders the simulation
vulnerable to attacks against the semantic integrity of the
simulation: malicious clients may attempt to compromise the physical
and logical rules governing the simulation, or to alter the causality
of events a posteriori.

In this paper, we initiate the systematic study of semantic
integrity in NVEs from a security point of view. We argue that
naive policies to enforce semantic integrity involve intolerable
network load, and are therefore not practically feasible. We present
a new provably secure semantic integrity protocol based on
cryptographic primitives which enables the server system to audit
the local computations of the clients on demand. Our approach
facilitates low network and CPU load, incurs reasonable
engineering overhead, and maximally decouples the auditing process
from the soft real time constraints of the simulation.

Category / Keywords: applications / protocols, audit trails

Publication Info: An extended abstract of this paper appears at the IEEE Symposium on Security and Privacy, 2007